Spike: Validate parent login flow end-to-end #150

New issue

Open

opened 2026-03-28 19:57:53 +00:00 by forgejo_admin · 0 comments

forgejo_admin commented 2026-03-28 19:57:53 +00:00

Owner

Copy link

Type

Spike

Lineage

Standalone — emerged from session preparing for player email communications. Must validate login works before sending any emails to parents.

Repo

Multiple — forgejo_admin/westside-landing, forgejo_admin/basketball-api, Keycloak realm westside-basketball

Question

Does the complete parent login flow work end-to-end — from landing page sign-in through Keycloak auth to viewing their player profile and updating incomplete fields?

What to Explore

1. Landing to Sign In — verify Keycloak login page loads
2. Keycloak Auth — test with known parent email from DB
3. Post-Login Redirect — verify parent lands on dashboard not landing page
4. Player Linkage — verify email-based matching (Parent.email == Keycloak JWT email) works
5. Profile View — parent can see team assignment and player details
6. Profile Update — test updating missing fields for incomplete player
7. Forgot Password — test self-service reset flow
8. Mobile — test on 390px viewport

Tools: Chrome DevTools MCP and Playwright MCP for dual browser validation.
DB queries: kubectl exec into basketball-api pod to identify test parent accounts.

Success Criteria

• Login flow documented as working or broken with specific failure points
• Each step gets PASS/FAIL with evidence (screenshots, console errors, network traces)
• Discovered bugs filed as separate Forgejo issues with backlog board items
• Parent to player email linkage verified
• Forgot password flow verified

Time-box

Maximum: 1 session. If blocked by Keycloak config, document findings and escalate.

Related

• project-westside-basketball
• forgejo_admin/basketball-api #217 — bulk visibility depends on confirming parent flow works

### Type Spike ### Lineage Standalone — emerged from session preparing for player email communications. Must validate login works before sending any emails to parents. ### Repo Multiple — `forgejo_admin/westside-landing`, `forgejo_admin/basketball-api`, Keycloak realm `westside-basketball` ### Question Does the complete parent login flow work end-to-end — from landing page sign-in through Keycloak auth to viewing their player profile and updating incomplete fields? ### What to Explore 1. Landing to Sign In — verify Keycloak login page loads 2. Keycloak Auth — test with known parent email from DB 3. Post-Login Redirect — verify parent lands on dashboard not landing page 4. Player Linkage — verify email-based matching (Parent.email == Keycloak JWT email) works 5. Profile View — parent can see team assignment and player details 6. Profile Update — test updating missing fields for incomplete player 7. Forgot Password — test self-service reset flow 8. Mobile — test on 390px viewport Tools: Chrome DevTools MCP and Playwright MCP for dual browser validation. DB queries: kubectl exec into basketball-api pod to identify test parent accounts. ### Success Criteria - [ ] Login flow documented as working or broken with specific failure points - [ ] Each step gets PASS/FAIL with evidence (screenshots, console errors, network traces) - [ ] Discovered bugs filed as separate Forgejo issues with backlog board items - [ ] Parent to player email linkage verified - [ ] Forgot password flow verified ### Time-box Maximum: 1 session. If blocked by Keycloak config, document findings and escalate. ### Related - `project-westside-basketball` - `forgejo_admin/basketball-api #217` — bulk visibility depends on confirming parent flow works

forgejo_admin referenced this issue 2026-03-28 21:26:02 +00:00

Bug: Keycloak self-registration bypasses app registration pipeline #151

forgejo_admin referenced this issue 2026-03-28 21:26:08 +00:00

Bug: Two competing forgot-password flows (app + Keycloak) #152

forgejo_admin referenced this issue 2026-03-28 21:26:12 +00:00

Bug: 401 console error on protected routes before auth redirect #153

forgejo_admin referenced this issue 2026-03-28 21:26:15 +00:00

Bug: Mobile sign-in page not vertically centered (390px) #154

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

142-validate-coach-login-and-read-only-roste

139-fix-admin-dashboard-stats-showing-all-ze

129-validate-girls-draft-board-coach-login-a

204-auto-tag-update

deploy-update-image-tag

110-fix-harbor-push-target

No results found.

Labels

Clear labels   

domain:backend

  

domain:devops

  

domain:frontend

No labels

domain:backend

domain:devops

domain:frontend

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

forgejo_admin/westside-landing#150

No description provided.